Examples of GSSManager

Examples of org.ietf.jgss.GSSManager

68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
    /* (non-Javadoc)
     * @see java.security.PrivilegedExceptionAction#run()
     */
    public KerberosServiceContext run() throws GSSException, WSSecurityException {

        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid(JGSS_KERBEROS_TICKET_OID);
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSCredential credentials =
            gssManager.createCredential(
                gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
            );

        KerberosServiceContext krbServiceCtx = null;
        GSSContext secContext = null;

        try{
            secContext = gssManager.createContext(credentials);
            secContext.acceptSecContext(ticket, 0, ticket.length);

            krbServiceCtx = new KerberosServiceContext();           

            GSSName clientName = secContext.getSrcName();
View Full Code Here

Examples of org.ietf.jgss.GSSManager

219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
                        HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                return false;
            }
            // Assume the GSSContext is stateless
            // TODO: Confirm this assumption
            final GSSManager manager = GSSManager.getInstance();
            final PrivilegedExceptionAction<GSSCredential> action =
                new PrivilegedExceptionAction<GSSCredential>() {
                    @Override
                    public GSSCredential run() throws GSSException {
                        return manager.createCredential(null,
                                GSSCredential.DEFAULT_LIFETIME,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));

            outToken = gssContext.acceptSecContext(decoded, 0, decoded.length);

            if (outToken == null) {
                if (log.isDebugEnabled()) {
View Full Code Here

Examples of org.ietf.jgss.GSSManager

206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
        @Override
        public Void run() throws Exception {
          GSSContext gssContext = null;
          try {
            GSSManager gssManager = GSSManager.getInstance();
            String servicePrincipal = "HTTP/" + KerberosAuthenticator.this.url.getHost();
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);
            gssContext.requestCredDeleg(true);
            gssContext.requestMutualAuth(true);

            byte[] inToken = new byte[0];
View Full Code Here

Examples of org.ietf.jgss.GSSManager

75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
      this.connected = true;
    }

    this.port = (url.getPort() == -1) ? PORT : url.getPort();

    GSSManager manager = ExtendedGSSManager.getInstance();

    ExtendedGSSContext context = null;

    try {
      context =
        (ExtendedGSSContext)manager.createContext(getExpectedName(),
            GSSConstants.MECH_OID,
            this.credentials,
            GSSContext.DEFAULT_LIFETIME);

      switch (this.delegationType) {
View Full Code Here

Examples of org.ietf.jgss.GSSManager

77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
     * @throws GSSException
     */
    private static void doHandShake(int localPort) throws IOException,
            GSSException {
        ServerSocket ss = new ServerSocket(localPort);
        GSSManager manager = GSSManager.getInstance();

        /*
         * Create a GSSContext to receive the incoming request from the client.
         * Use null for the server credentials passed in to tell the underlying
         * mechanism to use whatever credentials it has available that can be
         * used to accept this connection.
         */
        GSSCredential serverCreds = manager.createCredential(manager
                .createName(SERVICE_NAME, null),
                GSSCredential.DEFAULT_LIFETIME, new Oid(
                        SocksProxyConstants.KERBEROS_V5_OID),
                GSSCredential.ACCEPT_ONLY);

        while (true) {
            logger.debug("Waiting for incoming connection on port {} ...",
                    localPort);
            GSSContext context = manager.createContext(serverCreds);
            Socket socket = ss.accept();

            try {
                DataInputStream inStream = new DataInputStream(socket
                        .getInputStream());
View Full Code Here

Examples of org.ietf.jgss.GSSManager

177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
        } else if (method == SocksProxyConstants.GSSAPI_AUTH) {
            GSSContext ctx = (GSSContext) getSession()
                    .getAttribute(GSS_CONTEXT);
            if (ctx == null) {
                GSSManager manager = GSSManager.getInstance();
                GSSName serverName = manager.createName(request
                        .getServiceKerberosName(), null);
                Oid krb5OID = new Oid(SocksProxyConstants.KERBEROS_V5_OID);

                if (logger.isDebugEnabled()) {
                    logger.debug("Available mechs:");
                    for (Oid o : manager.getMechs()) {
                        if (o.equals(krb5OID)) {
                            logger.debug("Found Kerberos V OID available");
                        }
                        logger.debug("{} with oid = {}", manager
                                .getNamesForMech(o), o);
                    }
                }

                ctx = manager.createContext(serverName, krb5OID, null,
                        GSSContext.DEFAULT_LIFETIME);

                ctx.requestMutualAuth(true); // Mutual authentication
                ctx.requestConf(false);
                ctx.requestInteg(false);
View Full Code Here

Examples of org.ietf.jgss.GSSManager

139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
    private byte[] getToken(AuthorizationPolicy authPolicy,
                            String spn,
                            Oid oid,
                            Message message) throws GSSException,
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);

        GSSCredential delegatedCred =
            (GSSCredential)message.getContextualProperty(GSSCredential.class.getName());
       
        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
       
        context.requestCredDeleg(isCredDelegationRequired(message));

        // If the delegated cred is not null then we only need the context to
View Full Code Here

Examples of org.ietf.jgss.GSSManager

127
128
129
130
131
132
133
134
135
136
137
138
139
140
     * @throws GSSException
     * @throws LoginException
     */
    private byte[] getToken(AuthorizationPolicy authPolicy, String spn, Oid oid) throws GSSException,
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);

        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // TODO Do we need mutual auth. Will the code we have really work with
        // mutual auth?
        context.requestMutualAuth(true);
        // TODO Credential delegation could be a security hole if it was not
View Full Code Here

Examples of org.ietf.jgss.GSSManager

59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
        this.serviceName = serviceName;
        this.isUsernameServiceNameForm = isUsernameServiceNameForm;
    }

    public KerberosContext run() throws GSSException, WSSecurityException {
        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
        GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
        GSSCredential credentials =
            gssManager.createCredential(
                gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
            );

        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSContext secContext =
            gssManager.createContext(
                gssService, kerberos5Oid, credentials, GSSContext.DEFAULT_LIFETIME
            );

        secContext.requestMutualAuth(false);
View Full Code Here

Examples of org.ietf.jgss.GSSManager

69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
    /* (non-Javadoc)
     * @see java.security.PrivilegedExceptionAction#run()
     */
    public KerberosServiceContext run() throws GSSException, WSSecurityException{

        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid(JGSS_KERBEROS_TICKET_OID);
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSCredential credentials =
            gssManager.createCredential(
                gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
            );

        KerberosServiceContext krbServiceCtx = null;
        GSSContext secContext = null;

        try{
            secContext = gssManager.createContext(credentials);
            secContext.acceptSecContext(ticket, 0, ticket.length);

            krbServiceCtx = new KerberosServiceContext();           

            GSSName clientName = secContext.getSrcName();
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.